Circumventing licence/contract restrictions placed by either McMyAdmin or a hosting provider.

Storing sensitive data unencrypted (such as passwords)

Plugins are disabled by renaming their extension from .jar to .jar.restricted before the Minecraft server is started.

Restricted plugins can still be installed by adding "-pluginname" (excluding the quotes) to the Security.BannedPlugins setting in McMyAdmin.conf. You can add multiple restricted plugins by separating them with commas.

The current restricted plugins list is as follows:

bTelnetD (Local machine access, insecure protocol)

ExChat (Insecure protocol)

jxpl (Arbitrary code execution)

mctelnet (Local machine access, insecure protocol)

MineWire (Alias of mctelnet)

NoPlayerLimit (Circumvents player limit on Personal edition, or on rented servers)

PyDevTools (Arbitrary code execution)

PythonLoader (Arbitrary code execution)

RConPlus (Insecure protocol, unencrypted passwords)

RemoteBukkit (Insecure protocol, unencrypted passwords)

JSONAPI (Insecure protocol, arbitrary code installation)

This page was last modified on 25 Feb 2014 at 09:58.

Powered by Roadkill Wiki (1.7.0). This theme contains portions of its design from Mediawiki.org.